Feed Advanced Search

May 21 2019

gniibe added a commit to T4502: keys added via gpg-agent's ssh-agent interface are stored in private-keys-v1.d/ with a trailing null byte: rG479f7bf31ce4: agent: For SSH key, don't put NUL-byte at the end..
May 21 2019, 8:54 AM · gpgagent, ssh
gniibe claimed T4502: keys added via gpg-agent's ssh-agent interface are stored in private-keys-v1.d/ with a trailing null byte.

I located the bug in agent/command-ssh.c.
Our practice is two calls of gcry_sexp_sprint; One to determine the length including last NUL byte, and another to actually fills the buffer.
The first call return +1 for NUL byte.
The second call fills NUL at the end, but returns +0 length (length sans last NUL).

May 21 2019, 8:48 AM · gpgagent, ssh
werner triaged T4522: gpg-agent's EXPORT_KEY command does not tell its pinentry SETKEYINFO , preventing use of external passphrase cache as Low priority.
May 21 2019, 7:45 AM · Feature Request, gpgagent
ctubbsii added a comment to T4522: gpg-agent's EXPORT_KEY command does not tell its pinentry SETKEYINFO , preventing use of external passphrase cache .

I spent a lot of time trying to figure out how to automate the interface between my preferred password store (gnome-keyring, via libsecret), but with the loopback pinentry mode changes in gpg 2.1, it is much harder (if not impossible) to do. Having passphrase caching is the only thing preventing me from choosing a weaker passphrase on my gpg keyring.

May 21 2019, 2:03 AM · Feature Request, gpgagent
ctubbsii added a comment to T4522: gpg-agent's EXPORT_KEY command does not tell its pinentry SETKEYINFO , preventing use of external passphrase cache .

Disallowing passphrase caching is likely to have the unintended consequence of users choosing weaker passphrases that are more easily memorized and/or typed. Caching should be permitted, IMO. This puts more decisions about passphrase management into the control of the user.

May 21 2019, 1:38 AM · Feature Request, gpgagent

May 20 2019

dkg added a comment to T4522: gpg-agent's EXPORT_KEY command does not tell its pinentry SETKEYINFO , preventing use of external passphrase cache .

And yet, that interface is already being used by the agent-transfer utility in monkeysphere. The interface exists, it is not marked in any way as unusable or deprecated or off-limits, so it is used.

May 20 2019, 11:38 PM · Feature Request, gpgagent
werner triaged T4521: gpg-agent behavior on SIGTERM differs from KILLAGENT handling as Normal priority.
May 20 2019, 9:30 AM · Bug Report, gpgagent
werner added a comment to T4522: gpg-agent's EXPORT_KEY command does not tell its pinentry SETKEYINFO , preventing use of external passphrase cache .

That is on purpose. Exporting of a secret key should in theory not be possible at all via gpg. In practice we need a way to export a key, but that should be the exception and thus we do not want any caches for passphrases to have an effect.

May 20 2019, 9:29 AM · Feature Request, gpgagent
dkg added a comment to T4106: Terminal use case for gpg-agent and gpg-agent for ssh-agent feature.

trigger what command? i'm pretty sure gpgconf --reload gpg-agent does not trigger updatestartuptty. And it should not do so, afaict -- if you think it should, i'd be interested in hearing the rationale for it.

May 20 2019, 5:28 AM · Debian, gpgagent, Bug Report
ageis added a comment to T4106: Terminal use case for gpg-agent and gpg-agent for ssh-agent feature.

Does gpgconf --reload gpg-agent trigger that command? that's the ExecReload setting in the systemd service unit I'm looking at.

May 20 2019, 1:05 AM · Debian, gpgagent, Bug Report

May 19 2019

dkg created T4522: gpg-agent's EXPORT_KEY command does not tell its pinentry SETKEYINFO , preventing use of external passphrase cache .
May 19 2019, 10:43 PM · Feature Request, gpgagent
dkg created T4521: gpg-agent behavior on SIGTERM differs from KILLAGENT handling.
May 19 2019, 9:17 PM · Bug Report, gpgagent
dkg added a comment to T4106: Terminal use case for gpg-agent and gpg-agent for ssh-agent feature.

This doesn't sound systemd-specific to me, fwiw, though i don't understand how to reproduce the problem from the given description here.

May 19 2019, 9:05 PM · Debian, gpgagent, Bug Report

May 15 2019

werner merged task T4248: gpg-agent: Rare unresponsiveness after importing a secret S/MIME cert on Windows into T4505: SM, W32: GPGSM hangs up the GnuPG System.
May 15 2019, 9:22 AM · S/MIME, gnupg (gpg22), gpgagent, gpg4win

May 12 2019

werner triaged T4502: keys added via gpg-agent's ssh-agent interface are stored in private-keys-v1.d/ with a trailing null byte as Normal priority.

I often put an extra nul byte at the end of binary data so that accidental printing the data (e.g. in gdb) assures that there is a string terminator. But right, it should not go out to a file.

May 12 2019, 8:16 PM · gpgagent, ssh
dkg created T4502: keys added via gpg-agent's ssh-agent interface are stored in private-keys-v1.d/ with a trailing null byte.
May 12 2019, 12:37 AM · gpgagent, ssh

May 8 2019

aheinecke added a comment to T4427: Windows 10 update KB4489899 stops gpg-agent launching.

As this update lists multiple issues and following fixes for them, maybe it was resolved by Microsoft?

May 8 2019, 10:46 AM · Info Needed, Windows, gpgagent, Bug Report
werner triaged T4427: Windows 10 update KB4489899 stops gpg-agent launching as High priority.
May 8 2019, 8:54 AM · Info Needed, Windows, gpgagent, Bug Report

Apr 29 2019

werner closed T4473: The presence of gpg key disables ulimit and coredump in X11 session as Wontfix.

Since 2.1 the standard use of gpg-agent is to have it started on demand by the components which require it. The use of
"gpg-agent --daemon /bin/sh " should be used for debugging only.

Apr 29 2019, 10:12 PM · gpgagent, Bug Report
pmgdeb created T4473: The presence of gpg key disables ulimit and coredump in X11 session.
Apr 29 2019, 5:28 PM · gpgagent, Bug Report
aheinecke added a commit to T4333: Job objects on Windows interfere with automatic start of gpg-agent: rG03df28b18b92: common,w32: Breakaway detached childs when in job.
Apr 29 2019, 9:51 AM · patch, Windows, gpgagent, Bug Report
aheinecke changed the status of T4333: Job objects on Windows interfere with automatic start of gpg-agent from Open to Testing.

I've applied your patch with an additional comment to our master branch. Thanks!

Apr 29 2019, 9:37 AM · patch, Windows, gpgagent, Bug Report

Apr 5 2019

werner closed T4377: gpg-agent does not anymore restart a killed scdaemon as Resolved.

I did lot of tests in the last weeks while working on gpg-card.

Apr 5 2019, 5:07 PM · gnupg (gpg23), gpgagent, scd

Mar 27 2019

aheinecke added a comment to T4333: Job objects on Windows interfere with automatic start of gpg-agent.

Sorry, this did not make it into 3.1.6. But I'll definitely see about it for the next release. If it is an institutional / corporate issue you could also contract us through www.gnupg.com

Mar 27 2019, 1:50 PM · patch, Windows, gpgagent, Bug Report
aheinecke edited subtasks for T4333: Job objects on Windows interfere with automatic start of gpg-agent, added: T4389: Gpg4win 3.1.8; removed: T4264: Gpg4win 3.1.6.
Mar 27 2019, 1:48 PM · patch, Windows, gpgagent, Bug Report

Mar 26 2019

mjb added a comment to T4427: Windows 10 update KB4489899 stops gpg-agent launching.

Can you please run

gpg --debug ipc -vK

which will also start gpg-agent and print some diagnostics. You may want to redact the output. You can also run

Mar 26 2019, 11:04 PM · Info Needed, Windows, gpgagent, Bug Report
jegrp added a comment to T4333: Job objects on Windows interfere with automatic start of gpg-agent.

From: aheinecke (Andre Heinecke)
Sent: Montag, 28. Januar 2019 19:25

fwiw. Your patch is beautiful in which it follows our coding style and
debug output. I'm confident that we will accept it but currently I have
to read up on Job's a bit.

Is there a way I could help you with this? This issue is hampering adoption
of GnuPG 2 here.

--

Jan Echternach

Mar 26 2019, 6:49 PM · patch, Windows, gpgagent, Bug Report
aheinecke added a comment to T4427: Windows 10 update KB4489899 stops gpg-agent launching.

Trying to install the update manually (according to windows update my windows is fully updated) it says "This update is not meant for your computer" and aborts.

Mar 26 2019, 3:41 PM · Info Needed, Windows, gpgagent, Bug Report
werner added a comment to T4427: Windows 10 update KB4489899 stops gpg-agent launching.

Can you please run

gpg --debug ipc -vK

which will also start gpg-agent and print some diagnostics. You may want to redact the output. You can also run

gpg-agent -v --daemon

which should also print some more info.

Mar 26 2019, 7:57 AM · Info Needed, Windows, gpgagent, Bug Report
mjb created T4427: Windows 10 update KB4489899 stops gpg-agent launching.
Mar 26 2019, 1:14 AM · Info Needed, Windows, gpgagent, Bug Report

Mar 18 2019

werner closed T4319: New 2017 MAC permission isues on gpg-agent as Invalid.
Mar 18 2019, 7:27 PM · MacOS, gpgagent, gnupg (gpg22)

Mar 7 2019

werner added a commit to T4340: gpg-agent should support clearing passphrase cache for SSH: rG77a285a0a949: agent: Support --mode=ssh option for CLEAR_PASSPHRASE..
Mar 7 2019, 10:58 AM · gpgagent

Mar 6 2019

werner added a comment to T4377: gpg-agent does not anymore restart a killed scdaemon.

Thanks for fixing that.

Mar 6 2019, 8:05 AM · gnupg (gpg23), gpgagent, scd
gniibe changed the status of T4377: gpg-agent does not anymore restart a killed scdaemon from Open to Testing.
Mar 6 2019, 3:05 AM · gnupg (gpg23), gpgagent, scd
gniibe added a comment to T4377: gpg-agent does not anymore restart a killed scdaemon.

That's my badness. In wait_child_thread, assuan_release may cause thread context switch to agent_reset_scd which accesses scd_local_list; This access should be serialized.
And... in start_scd, calling unlock_scd should be after unlocking start_scd_lock.

Mar 6 2019, 3:05 AM · gnupg (gpg23), gpgagent, scd
gniibe added a commit to T4377: gpg-agent does not anymore restart a killed scdaemon: rG2abad7585a00: agent: Fix detection of exit of scdaemon..
Mar 6 2019, 3:00 AM · gnupg (gpg23), gpgagent, scd

Feb 26 2019

werner added a comment to T4377: gpg-agent does not anymore restart a killed scdaemon.

Does not happen in 2.2. Additional requirement to test this bug in master: Another connection to the scdaemon must be open. For example running scute or, easier, call "gpg --card-edit" and keep it open.

Feb 26 2019, 1:21 PM · gnupg (gpg23), gpgagent, scd
werner created T4377: gpg-agent does not anymore restart a killed scdaemon.
Feb 26 2019, 12:41 PM · gnupg (gpg23), gpgagent, scd

Feb 19 2019

gniibe changed the status of T2011: gnupg should notify cancellation of its operation to gpg-agent to kill pinentry from Open to Testing.
Feb 19 2019, 8:17 AM · Bug Report, gpgagent
gniibe added a comment to T2011: gnupg should notify cancellation of its operation to gpg-agent to kill pinentry.

Fixed in master.

Feb 19 2019, 6:42 AM · Bug Report, gpgagent
gniibe added a commit to T2011: gnupg should notify cancellation of its operation to gpg-agent to kill pinentry: rGc395f8315362: agent: Terminate pinentry process gracefully, by watching socket..
Feb 19 2019, 6:41 AM · Bug Report, gpgagent
gniibe claimed T2011: gnupg should notify cancellation of its operation to gpg-agent to kill pinentry.
Feb 19 2019, 3:55 AM · Bug Report, gpgagent
gniibe closed T4340: gpg-agent should support clearing passphrase cache for SSH as Resolved.
Feb 19 2019, 2:45 AM · gpgagent
gniibe closed T4348: When pinentry cache is used, gpg-agent should clear the cache if it failed at unprotect, a subtask of T4340: gpg-agent should support clearing passphrase cache for SSH, as Resolved.
Feb 19 2019, 2:45 AM · gpgagent
gniibe closed T4348: When pinentry cache is used, gpg-agent should clear the cache if it failed at unprotect as Resolved.
Feb 19 2019, 2:45 AM · gpgagent
gniibe lowered the priority of T4319: New 2017 MAC permission isues on gpg-agent from High to Low.

Your problem is apparently not an issue of upstream development of GnuPG; It is your setup script (agent.sh?) which specifies /dev/shm/SOMETHING.
Standard GnuPG never does that. We have no idea about use of /dev/shm/SOMETHING.

Feb 19 2019, 2:37 AM · MacOS, gpgagent, gnupg (gpg22)

Feb 6 2019

gniibe added a commit to T4348: When pinentry cache is used, gpg-agent should clear the cache if it failed at unprotect: rG9109bb9919f8: agent: Clear bogus pinentry cache, when it causes an error..
Feb 6 2019, 9:31 AM · gpgagent

Jan 28 2019

aheinecke added a comment to T4333: Job objects on Windows interfere with automatic start of gpg-agent.

fwiw. Your patch is beautiful in which it follows our coding style and debug output. I'm confident that we will accept it but currently I have to read up on Job's a bit.

Jan 28 2019, 7:24 PM · patch, Windows, gpgagent, Bug Report
aheinecke added a subtask for T4333: Job objects on Windows interfere with automatic start of gpg-agent: T4264: Gpg4win 3.1.6.
Jan 28 2019, 7:22 PM · patch, Windows, gpgagent, Bug Report
aheinecke claimed T4333: Job objects on Windows interfere with automatic start of gpg-agent.

That is a very interesting problem that we did not have on our radar.

Jan 28 2019, 7:22 PM · patch, Windows, gpgagent, Bug Report
gniibe added a commit to T4348: When pinentry cache is used, gpg-agent should clear the cache if it failed at unprotect: rG02a2633a7f0b: agent: Clear bogus pinentry cache, when it causes an error..
Jan 28 2019, 5:04 AM · gpgagent
gniibe added a comment to T4348: When pinentry cache is used, gpg-agent should clear the cache if it failed at unprotect.

When bogus entry is "", the error is GPG_ERR_NO_PASSPHRASE, and user cannot input the passphrase.

Jan 28 2019, 4:55 AM · gpgagent
gniibe added a comment to T4348: When pinentry cache is used, gpg-agent should clear the cache if it failed at unprotect.

Confirmed that manually created entry in gnome-keyring-daemon causes trouble.

Jan 28 2019, 4:52 AM · gpgagent

Jan 26 2019

gniibe created T4348: When pinentry cache is used, gpg-agent should clear the cache if it failed at unprotect.
Jan 26 2019, 2:46 PM · gpgagent

Jan 25 2019

werner triaged T4338: gpg-agent fails to start on Windows if GNUPGHOME is longer than 80 characters as Normal priority.
Jan 25 2019, 9:26 PM · Windows, gpgagent, Bug Report
gniibe changed the status of T4340: gpg-agent should support clearing passphrase cache for SSH from Open to Testing.
Jan 25 2019, 4:10 AM · gpgagent
gniibe added a comment to T4340: gpg-agent should support clearing passphrase cache for SSH.

Since there is --mode=normal option, it should be --mode=ssh.

Jan 25 2019, 4:10 AM · gpgagent
gniibe added a commit to T4340: gpg-agent should support clearing passphrase cache for SSH: rGae966bbe9b16: agent: Support --mode=ssh option for CLEAR_PASSPHRASE..
Jan 25 2019, 4:09 AM · gpgagent
gniibe created T4340: gpg-agent should support clearing passphrase cache for SSH.
Jan 25 2019, 1:04 AM · gpgagent

Jan 23 2019

jegrp created T4338: gpg-agent fails to start on Windows if GNUPGHOME is longer than 80 characters.
Jan 23 2019, 9:10 PM · Windows, gpgagent, Bug Report

Jan 21 2019

jegrp added a project to T4333: Job objects on Windows interfere with automatic start of gpg-agent: patch.

I've developed a simple patch that sets the CREATE_BREAKAWAY_FROM_JOB flag when creating a new background process. This flag requires a special permission on the job object, which is tested first. This means that the patch only works if the parent process sets JOB_OBJECT_LIMIT_BREAKAWAY_OK on the job object, otherwise the behavior should be as without the patch.

Jan 21 2019, 7:06 PM · patch, Windows, gpgagent, Bug Report
jegrp created T4333: Job objects on Windows interfere with automatic start of gpg-agent.
Jan 21 2019, 6:58 PM · patch, Windows, gpgagent, Bug Report

Jan 17 2019

werner created T4326: Reloading gpg-agent with disable-scdaemon set does not stop scdaemon..
Jan 17 2019, 5:45 PM · Bug Report, scd, gpgagent

Jan 11 2019

Cocoanino created T4319: New 2017 MAC permission isues on gpg-agent in the S1 Public space.
Jan 11 2019, 5:09 AM · MacOS, gpgagent, gnupg (gpg22)

Jan 5 2019

werner closed T4309: gpg agent in ssh-support does not import RSA-Keys greater than 4160 bits as Wontfix.

Right. We won't change that though. Sorry.

Jan 5 2019, 8:23 PM · gpgagent, Bug Report

Jan 4 2019

madonius created T4309: gpg agent in ssh-support does not import RSA-Keys greater than 4160 bits.
Jan 4 2019, 1:51 PM · gpgagent, Bug Report

Dec 20 2018

gniibe added a parent task for T4273: agent: Request insertion of smartcard when no card present: T2291: Smartcard interaction improvement (was: Shadowed private key design (for smartcard)).
Dec 20 2018, 12:59 AM · Feature Request, Documentation, gpgagent
gniibe triaged T4273: agent: Request insertion of smartcard when no card present as Normal priority.
Dec 20 2018, 12:57 AM · Feature Request, Documentation, gpgagent

Dec 19 2018

werner added a comment to T4273: agent: Request insertion of smartcard when no card present.

FWIW, the canonical way to make sure that gpg-agent has been started is to run

Dec 19 2018, 7:58 AM · Feature Request, Documentation, gpgagent
mjb added a comment to T4273: agent: Request insertion of smartcard when no card present.

You're very welcome. In my instance, this is "resolved" - I now get the prompt I realised I needed so to me this bug could be considered closed or wontfix, but I'll leave you to do with it as you please.

Dec 19 2018, 3:54 AM · Feature Request, Documentation, gpgagent
gniibe added a comment to T4273: agent: Request insertion of smartcard when no card present.

Basically, you are right. In addition, gpg-agent asks scdaemon about list of card/token.

Dec 19 2018, 3:47 AM · Feature Request, Documentation, gpgagent
mjb added a comment to T4273: agent: Request insertion of smartcard when no card present.

OK - so if an entry is not required in sshcontrol for a smart-card key - is the private key stub sufficiently detailed enough for the agent to realise that it can ask for that card to be inserted for an ssh connection?

Dec 19 2018, 3:35 AM · Feature Request, Documentation, gpgagent
gniibe added a comment to T4273: agent: Request insertion of smartcard when no card present.

sshcontrol entry is required for non-smartcard keys, but not for keys on smartcard. This is intentional. For gpg-agent and current format, it is only the information for gpg-agent to know if a key is for SSH or not.

Dec 19 2018, 3:31 AM · Feature Request, Documentation, gpgagent
mjb added a comment to T4273: agent: Request insertion of smartcard when no card present.

Also - going back to sshcontrol - with an ssh key added to the agent with ssh-add, an entry in sshcontrol is required - but not for a key on a smartcard. Is that intentional, or just a byproduct of the smartcard diversion that happens?

Dec 19 2018, 3:22 AM · Feature Request, Documentation, gpgagent
mjb added a comment to T4273: agent: Request insertion of smartcard when no card present.

Oh, wow - yes, adding to sshcontrol brings up the prompt - I do however need to stop the agent from being restarted on insertion for it to subsequently ask for the unlock.

Dec 19 2018, 3:09 AM · Feature Request, Documentation, gpgagent
gniibe removed a project from T4273: agent: Request insertion of smartcard when no card present: Windows.

I see your point. You are right. For SSH access, it just fails without asking insertion. It's not Windows specific.
I checked the change of history of gpg-agent, but I cannot find prompting insertion was supported.
So, I don't thin this is a regression.

Dec 19 2018, 2:52 AM · Feature Request, Documentation, gpgagent
mjb added a comment to T4273: agent: Request insertion of smartcard when no card present.

Yes, it's running. I have a scheduled task that spawns a vbscript to ensure that gpg-agent is started on login, and restarts it on insertion of a card (specifically for two reasons: windows ssh clients don't typically start agents automatically, and windows can cause gpg-agent to get a but upset after a card is removed and re-inserted. Edit: although, I think that latter reason might be resolved now... I haven't investigated deeply. more info here and here).

Dec 19 2018, 2:34 AM · Feature Request, Documentation, gpgagent
gniibe added a comment to T4273: agent: Request insertion of smartcard when no card present.

Thanks for your information.
Hum, you are using gpg-agent for SSH access.

Dec 19 2018, 2:19 AM · Feature Request, Documentation, gpgagent

Dec 18 2018

mjb added a comment to T4273: agent: Request insertion of smartcard when no card present.

When no card is inserted, usage of an ssh client simply fails to request insertion of the card for the stub keys present in ~/.gnupg/.

Dec 18 2018, 6:19 AM · Feature Request, Documentation, gpgagent

Dec 17 2018

aheinecke assigned T3724: Gpg-Agent asks twice for passphrase for key without passphrase to werner.

Asked to raise the priority on this. The quality bar issue is T2103

Dec 17 2018, 11:19 AM · gpgagent
gniibe edited projects for T4273: agent: Request insertion of smartcard when no card present, added: Info Needed; removed Feature Request.

Please let us know the version of GnuPG, the output of gpg --card-status when inserted, and how gpg is not working well, etc.

Dec 17 2018, 9:22 AM · Feature Request, Documentation, gpgagent
gniibe claimed T4273: agent: Request insertion of smartcard when no card present.

How scdaemon responds when there is no card available?

Dec 17 2018, 9:09 AM · Feature Request, Documentation, gpgagent
aheinecke added a comment to T4248: gpg-agent: Rare unresponsiveness after importing a secret S/MIME cert on Windows.

In Wald someone reports that this also appears to happen when decrypting. https://wald.intevation.org/forum/message.php?msg_id=6377 Probably run-threaded will help to flush this out.

Dec 17 2018, 8:33 AM · S/MIME, gnupg (gpg22), gpgagent, gpg4win
gniibe added a comment to T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP.

It became common, because many people now use larger keys.
For RSA-4096, three simultaneous connections for decryption may cause the failure.
In the experimental patch of D472: Limit active connections for gpg-agent, I limit gpg-agent to accept two connections only.

Dec 17 2018, 5:08 AM · gnupg, gpgagent

Dec 16 2018

andy added a comment to T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP.

Agreed this looks like it should be made default behavior. This has affected many people I work with, and even with searching, this ticket never came up. I only found out about it by making a ticket myself. This issue looks like it has generated at least 3 tickets in this bug tracker, and the agent is raising memory errors during normal usage, which still smells like a bug to me.

Dec 16 2018, 8:18 PM · gnupg, gpgagent

Dec 14 2018

werner added a project to T4248: gpg-agent: Rare unresponsiveness after importing a secret S/MIME cert on Windows: S/MIME.
Dec 14 2018, 10:46 AM · S/MIME, gnupg (gpg22), gpgagent, gpg4win

Dec 13 2018

gniibe closed T3880: gpg-agent's ssh-agent does not handle flags in signing requests properly as Resolved.
Dec 13 2018, 3:42 PM · ssh, gpgagent, Bug Report

Dec 12 2018

aheinecke added a comment to T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP.

Uhm, if this option is useful why isn't it default behavior?

Dec 12 2018, 10:34 AM · gnupg, gpgagent
werner closed T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP as Resolved.
Dec 12 2018, 8:30 AM · gnupg, gpgagent
werner closed T3606: failed to build S-Exp (off=0): Cannot allocate memory, a subtask of T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP, as Resolved.
Dec 12 2018, 8:30 AM · gnupg, gpgagent
werner closed T4146: GPG Agent fails in parallel: "gpg: decryption failed: No secret key", a subtask of T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP, as Resolved.
Dec 12 2018, 8:28 AM · gnupg, gpgagent
werner closed T3530: Option to auto-increase secmem in gpg-agent as Resolved.

The --auto-expand-secmem option is available in 2.2. and master for quite some time. It works if libgcrypt 1.8.2 or newer is used.

Dec 12 2018, 8:28 AM · Feature Request, gpgagent
werner closed T3530: Option to auto-increase secmem in gpg-agent, a subtask of T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP, as Resolved.
Dec 12 2018, 8:28 AM · gnupg, gpgagent
werner added a comment to T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP.

Not a bug :-). I should have read my own docs before starting a long debug session. The things is that the auto expanding of the secmem area is only done for xmalloc_secure and the internal MPI allocation functions. It is not dne for any memory which is allocated with xtrymalloc becuase those properly return an error to the caller. The idea is that if the caller wants to get an error back he has also the assurance that them memory is allocated in the non-swappable memory (i.e. not in the expanded parts of the secmem).

Dec 12 2018, 8:24 AM · gnupg, gpgagent
gniibe added a subtask for T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP: T4146: GPG Agent fails in parallel: "gpg: decryption failed: No secret key".
Dec 12 2018, 7:26 AM · gnupg, gpgagent
gniibe added a subtask for T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP: T3606: failed to build S-Exp (off=0): Cannot allocate memory.
Dec 12 2018, 7:23 AM · gnupg, gpgagent
gniibe added a subtask for T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP: T3530: Option to auto-increase secmem in gpg-agent.
Dec 12 2018, 7:22 AM · gnupg, gpgagent
gniibe added a parent task for T3530: Option to auto-increase secmem in gpg-agent: T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP.
Dec 12 2018, 7:22 AM · Feature Request, gpgagent
gniibe merged T3529: Connection limit for gpg-agent into T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP.
Dec 12 2018, 7:16 AM · gnupg, gpgagent
gniibe merged task T3529: Connection limit for gpg-agent into T4255: gpg-agent: "<gcrypt> Cannot allocate memory" with 10 threads decrypting OpenPGP.
Dec 12 2018, 7:16 AM · Feature Request, gnupg (gpg23), gpgagent